Cisco IP Telephony Operating System, SQL Server, Security Updates

Last updated 17-January-2012

NOTE: Before you install the file on the server, review the file-specific readme document to verify that the file is compatible with your version of software. Readme documents also provide special notes pertaining to each file. Obtain the readme documents and files by clicking the Cryptographic Software download page.
Use the readme document and this document in conjunction with the document,Installing the Operating System on the Cisco IP Telephony Applications Server, which provides procedures and detailed information for installing/upgrading the operating system and applying support patches. To obtain the installation document, clickhttp://www.cisco.com/en/US/products/hw/voiceapp/ps378/prod_installation_guides_list.html.. You can obtain version-specific operating system release notes by clicking the URL.

Purpose of the DocumentThis document provides information for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download.

ContentsThis document contains the following sections. Click the hyperlink to go directly to the section.

Latest UpdatesThis section provides several lists:Recently released individual Critical hotfixesLatest available OS Service ReleaseIndividual updates that are provided prior to inclusion in an OS Service Release.

File TrackingThis section provides a list of operating system and BIOS files that Cisco removed from the web and replaced with an updated version. Review this section if you are looking for a specific file that is mentioned in the Cisco IP telephony application documentation.

Supported Applications and ServersThese updates support all versions of the following applications:

Latest UpdatesBelow is a list of the security bulletins that were released by Microsoft on 10-January-2012. Although rated by Microsoft, Cisco may adjust the rating to reflect the impact to the supported applications and servers (see Supported Applications and Servers).

Table 1: Microsoft Hotfix Disposition
Below is a list of the latest available OS upgrade. (The 2000.4.6 upgrade requires users to be at a minimum OS level 2000.2.7, 2000.4.1, 2000.4.1b or higher to apply.)

File Name

Description

Status

win-OS-Upgrade-K9.2000-4-6.exe

OS Upgrade 2000.4.6

Available

End of SW Maintenance 19-May-2009

win-OS-Upgrade-K9.2003-1-5a.exe

OS Upgrade 2003.1.5a

Available

Table 2: Latest Available OS Upgrade

Below is a list of the Service Releases that contain all the relevant Microsoft Security Bulletins through December 2011 based on the Microsoft Security Bulletin Summary published 13-December-2011

File Name

Description

Status

win-OS-Upgrade-K9.2003-1-5a-sr24.exe

Service Release 24 for MCS platforms using OS 2003.1.5/2003.1.5a

Available

Table 3: Latest Service Release

Internet or Email Vulnerabilities: Critical Microsoft security bulletins for Internet Explorer, Outlook Express, Windows Media Player, and DirectX are generally not considered critical for the Cisco IP Telephony applications supported by this OS Upgrade process. Servers are typically only vulnerable for these Microsoft components when used to surf the Internet to an attackerâ€™s web site or used to receive a specially crafted email. Cisco IP Telephony servers should never be used to surf the web or be configured to receive email. Although not recommended for Cisco IP Telephony servers, using the server to go to Cisco.com and download software updates should be safe from this type of vulnerability.

Order for Applying UpdatesCisco recommends that you apply software updates as they become available on the Cisco voice products software and cryptographic websites.If you apply all software updates at the same time, Cisco recommends that you apply them in the following order:

Operating System upgrades

SQL Server Service Pack: For more information, refer to the respective readme document.

SQL Server Hotfixes: For more information, refer to the respective readme document(s)

Cisco IP telephony application upgrade

Cisco IP telephony application Service Release

Operating System Service Release

Caution: Always apply the updates to the publisher database server first and verify that the publisher database server behaves as expected. After you apply the updates to the publisher database server, you can apply the updates to the subscriber servers. Always perform the installation updates serially. Applying software updates may cause call-processing interruptions. Install these updates during a maintenance window to minimize call-processing interruptions. If you want to do so, you can apply the operating system upgrade/support patch and the SQL Server support patch/hotfixes during a single maintenance window on the publisher database server first and then every subscriber server in the cluster. During another single maintenance window, you can install the application upgrade and support patch on the publisher database server first and then every subscriber server in the cluster.

Latest Updates for the Operating System and SQL ServerTo ensure your servers run the most current operating system and SQL Server versions, verify that all of the following files are installed on every supported server in the cluster.

OS Upgrade listed needs applied after CallManager/Communications Manager in order to resolve the listed Security Hotfix(es)

Cisco Notification ToolsCisco Unified Communications Manager Notification Tool:Cisco has replaced the current Cisco CallManager notification tool with a new, more robust notification tool that is based on your Cisco.com profiles. This new tool delivers email notifications for individual Cisco voice products that you select. Follow the steps below to sign up for the Cisco Voice Technology Group Subscription Tool:

Scroll down under the â€œIP Telephonyâ€ heading to select your CallManager/Communications Manager version to receive notifications when new operating system updates are posted. (for other Cisco applications running on MCS Platform subscribe to CallManager 4.2 for 2000.4.x OS updates and Communications Manager 4.3 for 2003.1.x OS updates)

Select any other products updates that you wish to receive.

Click update at the bottom of the page.

Confirm your selections.

You may see this message at the bottom of the page: "Your Profile Currently Indicates that you do not wish to receive email from Cisco. "
To be able to receive information updates, you must update your email preferences. Click on the link to update your email preferences (located in the Other Information section). Click submit when you are done.
If you have enabled email notification, you may exit now. If you have not enabled email notification, then you will need to repeat the steps above.
This new software notification tool requires a valid Cisco.com login. If you do not currently have a Cisco.com password, please register with Cisco.com at: http://tools.cisco.com/RPF/register/register.do

Cisco PSIRT Advisory Notification Tool: This email service provides automatic notification of all Cisco Security Advisories that are released by the Cisco Product Security Incident Response Team (PSIRT). Security Advisories, which describe security issues that directly impact Cisco products, provide a set of required actions to repair these products. To subscribe, click the following URL and perform the tasks as directed on the web page: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html - SecurityInfo

File Tracking
The Original File column in the File Tracking table lists files that Cisco has removed from Cisco.com. Cisco has replaced the outdated file in the Original File column with the file that displays in the New File column. Download the file from the New File column.

Note: Files marked with a â€œ*â€ are deemed critical updates by Cisco. Those files or their replacements should be installed at the earliest opportunity to avoid any unscheduled service outages. While it is always recommended to update to a current release, releases marked critical are viewed as required updates for customer stability. For more information about symptoms and side effects, please go to http://support.microsoft.com/ and search for the affected â€œMSâ€ security article referenced in the filename of the Cisco packaged hotfix listed below. (ie: â€œMS10-020â€ is the MS security article for Cisco package win-K9-MS10-020-Windows2003-KB980032.exe)